Wednesday, July 13, 2011

Stay secured

Dear <a particular person>,

Here is a list of things you might consider doing to stay on secure systems and protect your data.

0. Shrink the Win 7 partition by at least 20 GB
Open Control Panel -> Administrative Tools -> Computer Management -> Disk Management. Right-click on the Win 7 partition and select Shrink Volume.

1. Switch over to some Linux system
I would suggest Kubuntu. Download the ISO, burn it (or alternatively create a bootable USB) and install it on the HDD by choosing the empty space you generated in Step 0.

You will be on a malware-free system at this point without losing any data. Also, you can access the Win 7 NTFS partition natively from Kubuntu.

Also learn how to install packages from the terminal. It is easy and fast.

2. Start by cleaning up your Gmail account
2.a. In FWD/POP settings, see if there is a forwarding address defined. If there is one, remove it. I would even suggest that you enable IMAP and POP and use a client like Thunderbird (since you are on an open network unlike me) but this is optional. The detailed instructions to configure Thunderbird can be found here.
2.b. Go to Chat settings and select "Never save chat history" and "Only allow people that I've explicitly approved to chat with me and see when I'm online."
2.c. Double check the filter page to ensure that there is no auto forwarding of mails going on.
2.d. Check the Accounts preference and ensure "Grant access to your account" is turned off. And now change your password. Use a scheme like [base pass + first 3 letters of the site] or a variant so that you never forget your password and the password on each site stays unique. Make the base password as complex as possible with caps, numbers, special chars, etc. Check the password recovery options and make sure that no unwarranted email-ids and phone numbers exist. Since your other email accounts are not secured yet, remove the email-id. This is temporary. Once you have cleaned your other mail account, reset this.
2.e. Finally go to the General tab and set "Always use https" in Browser connection settings.

3. Clean your FB account
3.a. Go to Privacy settings -> Custom -> Customize settings and make the section "Things others share" and contact info as restrictive as possible.
3.b. Go to Application list and remove all the bogus apps. There will be a "Back to App privacy" button on top. Go there and Edit settings on "Info accessible through your friends". Uncheck all options.
3.c. Go to Account settings and cross-check the Mobile and Notifications tabs to ensure that all mails are routed to the secured Gmail id created in step 2 and no other mobile is mapped to the account. Now click on the Settings tab and set the primary email to the secured mail id. Cross-check that there are no linked accounts and finally, when you are sure, change the password using the scheme described above. Click on Account security and enable Secure Browsing (https) and Notifications.

A note of caution: FB chat is very insecure as they have a lot of public handles in the JavaScript code. [javascript:Chat.openTab(uid);] is one of them. You're better off with mail or Gtalk (install Pidgin on Kubuntu to use Gtalk).

I guess this will occupy you for the night. I will expand the list a bit more when you are done with this.

